First of all the public role shouldn't have any permissions assigned to it unless someone granted them explicitly. By default the public serverole only has connect permission to the server. The public role has some permmissions granted implicitly through the guest user and you should be very careful removing any of them, because it can mean that users are no longer able to login or see certain server objects. The guest user is needed at least in master and tempdb. You can (and probably should) disable it in all user databases, but better stay away from the system databases.
Here you can find some more info here
About the extended procedures I hope you just want to deny exec to certain users or roles. While you can deny exec on quite a lot of them without doing any damage, you should also be aware of the fact that a lot of them are used by SSMS and other tools. For example xp_readerrorlog is needed to view the SQL error log and xp_instance_regread is used during server startup. So if you really want to deny execute on some of them to all users including sysadmins you should be very careful what you do.
By the way you can disable some XP_procedures using sp_configure like xp_cmdshell and all the SMO and DMO procedures.
Hope this helps
[font="Verdana"]Markus Bohse[/font]